TahawulTech.com
  • TahawulTech.com
  • Country/Region
    • UAE
      • TII’s Cryptography Research Centre collaborates with Yale
      • Emirates NBD recognised for innovation in digital banking
      • AFZ obtains five-star rating by Department of Digital Ajman
      • Trackimo to establish UAE presence after GITEX success
      • ASUS extends 2 Year Perfect Warranty across UAE
    • Saudi Arabia
      • Innovation at the heart of SPARK’s sustainability agenda
      • stc test MENA’s first ORAN on live network
      • SAR Modernises Railway Data Infrastructure with Oracle Cloud
      • Mobily expands Ericsson services partnership in Saudi Arabia
      • F5 Appoints Al Jammaz as a Value-Added Distribution Partner
    • Oman
      • Oracle supports major project to accelerate Oman digital economy
      • Ooredoo accelerates cybersecurity in Oman with new deal
      • Omantel selects Ericsson to manage its nationwide multi-vendor networks
      • Oman TRA shares plans to accelerate 5G deployment
      • Oman ICT and IFS partnership
        IFS, Oman ICT Group partner to develop country’s ICT sector
    • Bahrain
      • Bahrain achieves full nationwide 5G coverage
      • Batelco, SonicWall launch integrated security solutions for SMEs in Bahrain
      • Bahrain to offer COVID-19 test results on WhatsApp, Facebook Messenger
      • Infor supports Bahrain’s digital transformation
      • Zain taps Ericsson to launch 5G network in Bahrain
    • Kuwait
      • Commercial Bank of Kuwait gets mobile payments moving with Thales Digital Solutions
      • Ooredoo chooses Fortinet to deliver secure SD-WAN managed services in Kuwait
      • Zain rolls out first-ever 5G roaming service in MENA
      • Kuwait’s Zain Group bolsters cloud offerings with Oracle
      • (LtoR) Nouri and Athbi Al Enezi, JustClean
        Kuwait-based online laundry services firm reveals expansion plans
    • Africa
      • Amazon payment services launches in the MENA region
      • Egypt people determination
        Egypt turns to AI to deliver COVID-19 diagnosis service to People of Determination
      • Dubai-based Credence Security signed by ESET as distributor for southern Africa
      • Reem Asaad, Vice President Middle East and Africa, Cisco
        Cisco appoints new vice president for Middle East and Africa
      • solar power
        Schneider Electric inks sustainable energy deal for Africa
    • Middle East
      • HP Appoints Vishnu Taimni as Head of Middle East Operations
      • FlexxPay Launches Telesales Centre in Lebanon
      • Ericom Resumes Expansion with Key Investments in the region
      • Huawei M.E a reference for resilience and sustainability
      • Amazon payment services launches in the MENA region
    • Global
      • Gender Lens investing vital to economic recovery
      • Virgin Hyperloop unveils location for Hyperloop certification centre
      • TikTok taps Oracle as secure cloud provider
      • Zoom acquisition
        Zoom gets security boost with Keybase acquisition
      • Why collaboration is the answer to the successful roll-out of 5G
  • Industry
    • Education
      • Kaplan and ConnecME partner on Educational Solutions
      • DIFC Academy and EIBFS Partner to Enhance Financial Training
      • Acer Unveils New TravelMate Spin B3 Laptop for Classrooms
      • Makini Launches Robotics in New Cambridge Curriculum
      • SecureLink collaborates with British University in Dubai
    • Energy
      • Quorum Software to aid digital transformation of energy industry
      • Bell Aims to Advance Fuel Cell Technology
      • Halliburton Provides Digital Solutions for Kuwait Oil Company
      • AI Experts Create CodeCarbon, to Track Computing’s CO2 Output
      • Digitalisation to unlock $2.6 trillion in oil and gas sector
    • Financial services
      • DIFC Academy and EIBFS Partner to Enhance Financial Training
      • Emirates NBD and MetLife form strategic partnership
      • Moro Hub and Avaya, to spearhead Emirates NBD’s digital growth
      • Emirates Islamic supports SMEs with new Banking centres
      • GELLIFY Middle East calls for improved data regulations
    • Government
      • Hanwha Techwin Signs MOU with Egypt Ministry
      • DEWA hosts Future Engineers camp
        DEWA adopts Smart Dubai’s ethical AI toolkit
      • Dubai SME, HPE team up to foster innovation and local entrepreneurship
      • Dubai Economy launches latest version of ‘EngageDXB’ app
      • Younus Al Nasser, CEO of Dubai Data
        Smart Dubai to spotlight smart city initiatives at GITEX 2020
    • Healthcare
      • NYU Abu Dhabi researchers develop breakthrough in tumour treatment
      • Laipac Launches World’s First AI Rapid Antigen Test System
      • Kaspersky tips on remote working for smaller businesses
      • Why healthcare remains a prized target for cybercriminals
      • Thumbay boosts Healthcare’s Cybersecurity with Trend Micro
    • Property
      • Renters searching for homes online surge amid coronavirus fears
      • tech app Dubai
        Emirati tech entrepreneur launches new app to ease Dubai’s rental woes
      • huobi fam properties
        Huobi, fäm Properties to offer secure crypto payments in real estate
      • Cybertrucks
        UAE’s Azizi Developments pre-orders Tesla Cybertrucks for site visits
      • Oracle Emaar
        How Emaar and Oracle are building the future of property and IT
    • Retail
      • Majid Al Futtaim Taps IBM Food Trust for Blockchain Technology
      • Carrefour Employs More Tally Robots Across its Stores
      • GMG Sports prepares with new digital omnichannel strategy
      • du announces availability of the all-new iPhone 12 Pro Max and iPhone 12 mini with 5G
      • Dubai e-commerce
        Dubai e-commerce sector sees significant increase: Dubai Economy
    • Technology
      • Majid Al Futtaim Taps IBM Food Trust for Blockchain Technology
      • GCG Enterprise Solutions boosts Digital Transformation with Nintex
      • D-Link’s New Camera Integrates Technology into Daily Life
      • Ericsson have penned a connected stadium deal with Chelsea F.C.
        Verizon Business and Zyter focus on In-Stadium Tech
      • GELLIFY Middle East calls for improved data regulations
    • Transport & Logistics
      • Kaspersky launches TI reporting for the automotive industry
      • FENIX is Fujairah’s first micro-mobility operator
      • Dubai’s RTA launches the first digital nol cards with Huawei
      • Beema builds market share as InsureTech firm reports growth
      • SAR Modernises Railway Data Infrastructure with Oracle Cloud
    • Travel & Hospitality
      • MYBEA a new app for hotels and restaurants owners
      • Emaar partners with Xiaomi to deliver smart home technology
      • DTP teams up with Dassault Systèmes to optimise resource planning at DXB
      • Dubai’s Emirates first foreign airline to start biometric boarding
      • UAE spotlights AI’s role in the fight against food waste
  • Company
    • Enterprise
      • IFS refreshes its brand ahead of milestone launch
      • Citrix Tackles Employee Well-Being
      • Kingston Technology launches “Kingston Is With You”
      • AppsFlyer Committed to Attribution and Measurement Solutions
      • Reseller ME Forum & Excellence Awards 2020
    • Corporate
      • BT to streamline Schindler’s global network infrastructure
      • Dubai’s Atlantis turns to Dell Technologies to modernise IT environment
      • Fine Hygienic Holding to accelerate growth with Oracle Cloud
      • John Maddison, Fortinet
        Fortinet secures cloud environments of four global firms
      • Male and female chefs preparing food in commercial kitchen
        Emaar Hospitality Group brings AI tech into UAE kitchen
    • SME
      • Alaris expands information capture ecosystem for SMEs
      • “Innovation is a focal point in Abu Dhabi’s plans,” says DED chair
      • This new app can help SMEs calculate VAT
      • Microsoft introduces SME-centric solution in UAE
      • Fourth Industrial Revolution startups in Dubai get new incubator
    • Startup
      • Hub71 teams up with UAE banks to spotlight banking pain points for startups
      • Kaspersky calls on tech startups for the second edition of Open Innovation Hub
      • UAE-based doctor booking app secures $10 million in funding
      • UAE, Abu Dhabi
        Abu Dhabi’s Hub71 launches region’s first Microsoft Reactor Program
      • CAFU, specialised drones, climate change
        UAE’s fuel refill app to fight climate change with specialised drones
    • Vendor
      • Huawei: 5G will create new value across all industries
      • Mimecast Offers 60+ Cybersecurity and Compliance Integrations
      • emt Distribution Partners with G DATA Cyber Defense AG
      • Nutanix Extends Ransomware Protections to Help Customers
      • Simplifai enters strategic partnership with VAD Technologies
    • Channel
      • emt Distribution Partners with G DATA Cyber Defense AG
      • Simplifai enters strategic partnership with VAD Technologies
      • Cybereason partners with Dubai’s Oxygen to expand services in MENA markets
      • Kaplan and ConnecME partner on Educational Solutions
      • DIFC Academy and EIBFS Partner to Enhance Financial Training
  • Trending
    • Digital Transformation
      • Internet of Things
      • Big Data
      • Blockchain
      • Smart City
      • Cloud Computing
    • Artificial Intelligence
      • Data Centre
      • Machine Learning
      • Virtual Reality
      • Robotics
      • Systems Integrator
      • E-commerce
    • 3D Printing
      • Self-driving Cars
      • Drones
      • Automation
      • Smartphones
      • Wearables
      • Virtualisation
    • Fintech
      • Storage
      • Mobile Payment
      • Startups
      • Applications
      • Security
  • News
    • All News
      • Huawei: 5G will create new value across all industries
      • Mimecast Offers 60+ Cybersecurity and Compliance Integrations
      • emt Distribution Partners with G DATA Cyber Defense AG
      • Nutanix Extends Ransomware Protections to Help Customers
      • Simplifai enters strategic partnership with VAD Technologies
    • Software
      • Spotify Expands Footprint, Bringing Audio to 80+ New Markets
      • Loyica launches Saphyte 2.0
      • Quorum Software to aid digital transformation of energy industry
      • Qualys Extends the Power of VMDR to Mobile Devices
      • Microsoft unveils Employee Experience Platform, Microsoft Viva
    • Hardware
      • Huawei’s array of audio and earphone devices is here to help
      • Carrefour Employs More Tally Robots Across its Stores
      • BenQ presents the Official Monitor of PUBG Invitational.S 2021
      • AVITA launches visually expressive notebook series
      • Acer Unveils New TravelMate Spin B3 Laptop for Classrooms
    • Networking
      • Huawei: 5G will create new value across all industries
      • Huawei: 5G developed fast, becoming key to production processes
      • Salesforce Introduces Loyalty Management for Companies
      • Trend Micro named as one of the top Cloud Companies for 2021
      • Veeam Expands Google Cloud Partnership with Veeam Backup
    • Security
      • Mimecast Offers 60+ Cybersecurity and Compliance Integrations
      • Nutanix Extends Ransomware Protections to Help Customers
      • Cybereason partners with Dubai’s Oxygen to expand services in MENA markets
      • TrickBot emerges as UAE’s top malware threat
      • Proofpoint Reveals Ransomware and Phishing Attack Trends
    • Channel
      • emt Distribution Partners with G DATA Cyber Defense AG
      • Simplifai enters strategic partnership with VAD Technologies
      • Cybereason partners with Dubai’s Oxygen to expand services in MENA markets
      • Kaplan and ConnecME partner on Educational Solutions
      • DIFC Academy and EIBFS Partner to Enhance Financial Training
    • Telecoms
      • Huawei: 5G developed fast, becoming key to production processes
      • BNET Opens N.I.C.E to Support Bahrain’s Telecom Providers
      • du and Etisalat announce partnerships with Emaar Properties
      • Ericsson CEO issues stark warning to Europe on 5G
      • President of US-China business council describes treatment of Huawei as ‘murder’
    • Video
      • Aliasgar Dohadwala, CEO at VisionTech, on working with Huawei
      • Antoine Abi Aad, GM at Emitac, on collaborating with Huawei
      • Huawei Cloud, Grow with Intelligence
      • Interview with Alain Penel, Fortinet
      • Interview with Syed Yousuff Shahan, TouchForce
  • Features
    • Features
      • Women in Tech: “Humanity knows no limits” – Injazat
      • Co-Head of TrueProfile.io outlines how company is empowering end-users
      • Dataiku executive highlights the need to use AI responsibly
      • Techno-Government Relations for the Future
      • TouchForce, interview with Syed Shahan
    • CIO Spotlight
      • DMCC
        Rare commodity: DMCC IT director Abdalla Al Ali
      • HSBC MENAT CIO Ghinwa Baradhi
        The bigger picture: HSBC MENAT CIO Ghinwa Baradhi
      • Mubadala Investment Company CIO Mansour Al Ketbi
        Mansour Al Ketbi unites IT teams for $125 billion Mubadala Investment Company
      • Tariq Al Usaimi, head of digital strategy for the Central Bank of Kuwait
        The new breed: National Bank of Kuwait CDO Tariq Al-Usaimi
      • Al Masah Capital CIO Ashith Piriyattiath
        Ashith Piriyattiath’s diverse & transformative GCC career
    • Case Studies
      • elseco
        DIFC prioritises digital transformation to enhance connectivity and accessibility with Wi-Fi 6
      • How Dubai South is building a digital development
      • Top of the class
      • City University College Ajman delivers agile campus with Huawei
      • Al Safeer CIO Kumar Prasoon
        Rub of the green: Kumar Prasoon’s vision for an energy-efficient Al Safeer
    • Partner Watch
      • Kaspersky signs MoU with Zayed University
      • F5 Appoints Al Jammaz as a Value-Added Distribution Partner
      • The time is now for RNS Managed Security Services
      • ASBIS Middle East on revolutionising the distribution space
      • How Raqmiyat is piloting customers’ digital future
    • Vendor focus
      • Avaya, public, NYSE
        Avaya Reports First Quarter Fiscal 2021 Financial Results
      • AV names Kaspersky Internet Security as Product of the Year
      • IntelliSoft wins two Finalist Gulf Capital SME Awards
      • Emerson Conference to Focus on Smarter, Sustainable Operations
      • 4 Features to Explore in the HUAWEI Browser
    • Analysis
      • Citrix Tackles Employee Well-Being
      • Sophos Uncovers New Evasion Techniques Used to Bypass Security
      • Cisco
        Cisco Study Reveals Role of Privacy Emerging Post Pandemic
      • GoDaddy’s Survey Reveals SMEs Went Digital During Pandemic
      • Crossing the 10 Million Mark: DDoS Attacks in 2020
    • Video
      • Aliasgar Dohadwala, CEO at VisionTech, on working with Huawei
      • Antoine Abi Aad, GM at Emitac, on collaborating with Huawei
      • Huawei Cloud, Grow with Intelligence
      • Interview with Alain Penel, Fortinet
      • Interview with Syed Yousuff Shahan, TouchForce
    • Lifestyle
      • Millions watched Arabic-language Twitch streams in 2020
      • Ericsson – Smart home privacy: How to avoid ‘data paparazzi’
      • LG Delivers a Hassle-Free Cleaning Experience
      • Snap shares reliable tips to prevent coronavirus with new creative tools
      • 10 funny working from home tweets to lift your spirits
    • Insight
      • Women in Tech: “Humanity knows no limits” – Injazat
      • Co-Head of TrueProfile.io outlines how company is empowering end-users
      • Dataiku executive highlights the need to use AI responsibly
      • Techno-Government Relations for the Future
      • TouchForce, interview with Syed Shahan
    • Opinion
      • Dataiku executive highlights the need to use AI responsibly
      • Op-ed: Why Most AI Projects Fail
      • Defending Against DDoS Attacks in the Light of COVID-19 and 5G
      • AI in 2021: Transforming data security and process optimisation
      • NextGen SOCs: the key to cyber resilience
    • Blogs
      • Cybereason’s thoughts for Data Privacy Day
      • Securing Cloud Transformation with Future-Ready Solutions
      • AI solutions take the drama out of running your cloud
      • Livestream to a network: Building lasting ties through short videos
      • Why global corporations are adopting Microsoft Azure
  • News
    • Region
      • Huawei: 5G will create new value across all industries
      • Mimecast Offers 60+ Cybersecurity and Compliance Integrations
      • emt Distribution Partners with G DATA Cyber Defense AG
      • Nutanix Extends Ransomware Protections to Help Customers
      • Simplifai enters strategic partnership with VAD Technologies
  • Magazines
    • CNME
      • January 2021
      • December 2020
      • November 2020
      • Computer News Middle East | Driving the digital economy | October 2020
        October 2020
      • Computer News Middle East | Multi-cloud provider | September 2020
        September 2020
    • Reseller ME
      • February 2021
      • January 2021
      • December 2020
      • Reseller Middle East | November 2020 | Cover
        November 2020
      • Reseller Middle East | Elevating the cloud
        October 2020
    • Security Advisor ME
      • December 2020
      • Security Advisor Middle East | November 2020 | Cover
        November 2020
      • Security Advisor Middle East | Issue 51
        September 2020
      • Security Advisor Middle East | June-July 2020 | Magazine Cover
        June-July 2020
      • Security Advisor Middle East | Strength in unity | Issue 48 | Cover
        May 2020
    • 60 Minutes
      • 60mins Day 5 – (2020)
      • 60mins Day 4 – (2020)
      • 60mins Day 3 – (2020)
      • 60mins Day 2 – (2020)
      • 60mins Day 1 – (2020)
    • Supplements
      • Exclusive Times | Issue 01
      • GovTech – June 2020
      • Automation First | Issue 01
      • Value Stories | Issue 05 Cover
        Value Stories | Issue 05
      • Value Stories | Issue 04 Cover
        Value Stories | Issue 04
  • Events
    • Awards
      • Transformational Leadership Awards
      • The CIO 300 Awards 2021
      • GovTech Innovation Awards
      • Reseller ME Partner Excellence Awards
      • CISO 50 & Future Security Awards
    • Customer Events
      • Race to innovate | Your Voice | Tahawul Tech
        Race to Innovate
      • Expectations vs Investment
      • Rise of e-commerce
      • Combating credit crunch
    • Forums
      • Reseller Middle East Forum
      • Evolve - Digital Transformation Forum
        Evolve – Digital Transformation Forum
    • Your Voice
      • Race to innovate | Your Voice | Tahawul Tech
        Race to Innovate
      • Expectations vs Investment
      • Rise of e-commerce
      • Combating credit crunch
    • Webinars
      • Huawei and IDC collaborate on Autonomous Network white paper
      • WEBINAR: Experience the Intelligent HPE Hyperconverged and Composable Infrastructure
      • WEBINAR: How Alpha Data and Veritas Enable Enterprises to Win the War Against Ransomware
      • WEBINAR: How to maximise the value of multi-cloud environments with Veritas and eSolutions
      • WEBINAR: How Versos and Veritas Enable Enterprises Stay Protected Against Ransomware
  • GITEX
  • Gartner
  • Huawei
Don’t show this ad again.
Redington Value Distribution
Gartner
2CRSI - Server Solution Manufacturer
D-Link
BICSI
Moro
Features

The new normal: Navigating cybersecurity and remote working amid COVID-19

Adelle GeronimoAdelle GeronimoApril 27, 2020, 2:08 pmApril 27, 2020

The coronavirus (COVID-19) pandemic has forced businesses to undergo seismic changes in the way they operate. As flexible policies become standard and remote work becomes a norm, another important challenge is taking the spotlight – cybersecurity.

The coronavirus pandemic presents a tremendous health crisis that nations across the globe are grappling with. With over 2 million confirmed cases of infected people globally, the virus is causing a huge impact on people’s lives, families and communities.

In addition to being a major public health issue, the COVID-19 crisis also brings about profound social and economic consequences, according to the World Health Organisation (WHO) Director-General Tedros Adhanom Ghebreyesus.

Crisis-response efforts are in full motion in many countries across the world. Healthcare organisations are explicitly increasing their capacities and maximising their resources to cope with the rising demands to contain the virus. Educational firms are shifting to online platforms to ensure ongoing learning opportunities. Moreover, companies are rapidly adopting new ways to operate to maintain their businesses, many of which have been compelled to embrace remote working.

However, with the coronavirus not showing any signs of slowing down anytime soon, enterprises are faced with the challenge of having to juggle a range of new systems priorities such as ensuring the stability of critical business processes, workforce productivity and, of course, cybersecurity.

Security Advisor ME speaks to industry experts to get their insights on how the pandemic is impacting the cybersecurity and the future of work.

Risks and challenges

For many businesses, the move to a remote working model came too swiftly. Rather than being able to transition gradually, the quarantine measures demanded a quick response, which has left CIOs and CISOs with little time to prepare and address the cybersecurity challenges for remote working.

The huge amounts of global uncertainty and change that organisations are facing are what criminals are seeking to capitalise on, according to Harish Chib, vice president – MEA, Sophos. These risks are further amplified by the immediate and unforeseen IT challenges that companies are having to ensure their staff can work from home.

“Normal remote working is not a challenge as it gives organisations time to implement it,” says Chib. “The current scenario due to COVID-19 is different. This remote working is rapid, forceful and unplanned, and many organisations have relaxed their cybersecurity controls due to this. There are two areas which are most likely to result in a cybersecurity incident due to the ongoing crisis: remote access and phishing.”

With a majority of employees working from home, business networks have been exposed to countless untrusted networks and unsanctioned devices.

“When employees connect to their corporate networks from home, they expose numerous access points for hackers to exploit,” says Subhalakshmi Ganapathy, Product Evangelist, ManageEngine. “These unprotected endpoints extend the corporate network perimeter, which increases the attack surfaces for the hackers.”

Ideally, whenever an employee is working remotely, they should be accessing their organisation’s network and any software-as-a-service (SaaS) resources they need via a virtual private network (VPN).

A VPN creates a safe, encrypted ‘tunnel’ from the user network, whether public or private Wi-Fi, across the public internet, and into the organisation’s network.

According to Ganapathy, often enterprises don’t have segment or limit their networks for VPN use as they are usually utilised by internal employees and/or trusted third-party vendors. However, with the sudden shift to remote working, most IT teams wouldn’t have had the time to segment their network for the large VPN usage.

“This could lead to channels used for remote connections such as VPNs and other remote access platforms having umpteen security vulnerabilities that could be exploited by the hackers. A simple phishing attack on an unsecured network can expose the entire sensitive data of your company,” she explains.

 

The human element

More critically, IT and security leaders need to bear in mind that attackers will first and foremost take advantage of human weaknesses.

In the last few weeks, there has been an increase in the number of incidents of individuals receiving a variety of emails, which impersonate authorities such as the WHO to persuade victims to download software or donate to bogus causes.

Google’s Gmail, which is being used by over 1.5 billion users globally, has blocked around 18 million hoax emails related to COVID-19 since the outbreak began.

There have also been numerous cases of coronavirus-themed emails being sent out, which have been designed to look like they came from an organisations’ leadership team but are embedded with malware that would infect corporate networks.

“Humans are the weakest links in the security ecosystem,” says Sam Curry, Chief Security Officer, Cybereason. “Today, the biggest blunders include opening email attachments that end up being laced with malware or ransomware, visiting dubious websites or downloading malicious software. The CEO of a company shouldn’t be emailing you a message asking for you to wire transfer $1 million to an account to deal with COVID-19. That should raise a red flag with any employee these days, but there are countless examples of this happenings over the years.”

Curry further notes that even as companies ramp up their security awareness programmes, the overall task of educating employees on the do’s and don’ts to reduce corporate risk remains a constant challenge.

Werno Gevers, cybersecurity specialist, Mimecast, says, “There is a general escalation in cybercriminals’ activity during times of heightened disruption.”

“Already, malicious actors are spreading disinformation with the sole purpose of creating panic. People are desperate to find out more about the crisis and are letting their guards down, clicking on just about anything sent to them. Even one misclick on a link could initiate malware and put the user – and the organisation – at risk.

“Webmail and private emails are unencrypted, leaving employee devices at significant risk of compromise via interception or ‘man in the middle attacks,’ and can make home networks vulnerable to compromise as attackers may piggyback on these end-users to compromise an otherwise secure environment,” he adds.

However, Centrify regional director for Northern, Southern Europe, Middle East and Africa Kamel Heus points out that one of the most common risks that organisations make is focusing only on securing remote access for regular employees. They often forget about the privileged users such as management teams, IT staff and database administrators among others, who often have privileged access to critical infrastructure and sensitive data.

“Those are the credentials that cyber-attackers are most commonly after since they offer the most power and ability to move laterally, find and extract data, and sell it for profit,” he says.

“They also forget about securing outsourced IT and other third-parties who are not employees but may have elevated privileges. Many times, those third parties are simply using a VPN to access the network, which leaves a gaping hole in the security of the enterprise. IT staff, whether employees or consultants, need to have secure remote access for privileged users that goes above and beyond the solutions being made to the collective at-home workforce.”

This being said, CIOs and CISOs need to ensure that their workforce maintains a comprehensive understanding of the cybersecurity risks.

“It is hard to build a cybersecurity culture with employees and user slack is quite certain to take place,” says Rohit Bhargava, Practice Head – Could & Security of Cloud Box Technologies. “Not every employee understands the risks that the organisation could encounter equally.

Bhargava emphasises that IT and business leaders need to look at training and cybersecurity awareness to be as regularly as possible. “Employees must be made aware of phishing emails and ransomware attacks, which must be reported in real-time to the concerned IT experts. There should be better systems in place to manage user sessions and strengthen IT processes and audits to ensure that information leaks are prevented.”

New platforms

In order to maintain productivity and ensure business continuity, organisations have also opted to deploy new applications to allow users to perform work-related tasks remotely. However, the rapid escalation of the pandemic has left them with little time to prepare the security measures in utilising such platforms.

“Many companies that did not initially have remote work capabilities have rushed to use consumer-grade solutions like Zoom, Facebook and many others,” says John Pescatore, director of emerging security trends, SANS. “Zoom has recently admitted it wasn’t ready for this level and type of use and is focusing 100 percent on security and has already taken some steps. Also, users are often sharing or storing business-sensitive information on these services, which increases the odds it will be exposed.”

A majority of new home workers have also adopted third-party applications and use non-corporate remote access tools such as GoToMyPC and TeamViewer, which increases the risks of data breaches.

“Use of unapproved cloud storage makes it more difficult to detect attackers that are trying to exfiltrate data,” says Matt Walmsley, director – EMEA, Vectra. “It also creates regulatory and compliance issues.”

“It is possible there will be heavier use of cloud-based storage (OneDrive, Google Drive, etc.) rather than corporate file servers to share information. This means more valuable information could be placed into cloud storage than would have with most workers on-prem. The way that the remote host is connected will impact what level of cloud storage visibility is available,” he explains.

Walmsley reiterates that security teams must rigorously identify, understand and protect the newly expanded attack surface that the move to increased remote working has created.

Digital Guardian VP for Cybersecurity Tim Bandos shares these views as well saying that with the rapid transition to remote work, data sharing has become a bit of a nightmare for organisations and their employees.

“With the right tools in place, transferring large files while at work may have been easy in the past,” says Bandos. “Without these tools, employees may look for workarounds if they’re unable to use corporate email. Employees may be tempted to leverage sites that are typically blocked while at work such as Dropbox or Box. These workarounds can add risk when it comes to exposing an organisation’s sensitive data to the outside world. It’s essential to educate employees on the risks associated with how data is transferred and offer them the tools they need before they go out on their own looking.”

Furthermore, Bandos points out that inter-office chat platforms can come with inherent risks as well. “Companies that don’t subscribe to an industry-recognised service like Slack or Microsoft Teams could be in danger of having data exposed. Chat platforms like WeChat, Telegram, Viber and the likes are all free but when it comes to experience and security, namely end-to-end encryption, users’ mileage may vary.

“Additionally, phishing attacks are no longer just an email issue. If you can be contacted by individuals outside your organisation via these apps, the platforms can open the door for phishing scams,” he adds.

Next steps

So, what kinds of tools and solutions can organisations utilise to ensure cybersecurity amid the COVID-19 pandemic?

According to Help AG CTO Nicolai Solling, one of the key elements of a robust and secure work-from-home strategy is secure remote access as working remotely radically changes how users, services and data are protected.

“As a bare minimum, any remote access solution should offer two-factor authentication (2FA),” he says. “2FA combines something the user knows – like a password – with something that they have. Today, 2FA can be easily delivered as a smartphone app. It is quick, easy and cost-effective to deploy.”

But it is important to understand that when evaluating your remote access solution, it is also important to remember that there’s no ‘one-size-fits-all’ solution.

“You may even have existing IT investments which can effectively support your remote workforce when evaluated and re-purposed correctly,” explains Solling. “In these unprecedented times, several technology vendors have provided promotional programmes and extended licenses to help organisations overcome security challenges. With the support of a highly-skilled implementation and support partner such as Help AG, most of these solutions can be delivered with extreme speed and with fantastic security features.”

Robert Huber, chief security officer, Tenable, says, “Security teams should lock arms with IT to secure all software-as-a-service (SaaS) applications via cloud access security brokers for configuration, security and data loss prevention. In tandem, integrate all SaaS solutions into one central identity and access management solution. This will not only save time but also reduce headaches too.”

The future of work

If done correctly and securely, remote working can yield a range of benefits for both employers and employees.

“The COVID-19 pandemic has forced many companies to have to enable and exponentially ramp up remote working, for a vast majority of their workforces,” says Marco Marco Rottigni, chief technical security officer, EMEA, Qualys.

“This has highlighted several risks which would otherwise not have been considered if remote working had been approached as an IT project. I believe that this experience will bring a better awareness in companies and among employees about the huge advantages of smart working; this will hopefully increase the overall operational efficiency once this crisis is behind us. Organisations will also gain a better understanding of the importance of SaaS to leverage business and IT processes.”

In the past, remote employees often report flexibility and focus as the biggest benefits, which enables their productivity. It has also proven to be the best resort for many businesses who want to ensure the continuity of their activity amid the pandemic.

“We think that this crisis will drastically change the working habits in many organisations, and some of them might find advantages in remote working,” says Asif Hashim, Middle East Business Manager, WALLIX. “Employees might enjoy the extra time at home, and employers might find that it reduces costs. If organisations opt to continue with this way of working moving forward, this will most likely increase the use of cloud-based services and remote connection tools and therefore make organisations more vulnerable to security breaches.”

Remote working might not be the right option for everyone. But if the future of work drives a big portion of workforces to work remotely, then organisations will have to develop new solutions to the challenges of working remotely.

“Remote work is not the norm in many cultures and regions,” says Huber from Tenable. “While I do not anticipate a monumental shift to remote work as a result of the crisis, it will certainly become a valid option for business continuity events. This will, however, require additional security policies, solutions and education to ensure that the same protections applied within an office will be sustained when working remote.”

Whether this is the future of work for businesses is yet to be determined. However, in this unprecedented new reality that we’re in, we are witnessing a dramatic restructuring of the economic and social order, which is shaping remote work as the new normal for the near term.

 

Related Articles

  • Avaya, public, NYSE
    Avaya Reports First Quarter Fiscal 2021 Financial Results
  • Sophos Uncovers New Evasion Techniques Used to Bypass Security
  • AV names Kaspersky Internet Security as Product of the Year
cloud cybersecurity digital featured5 mobile network security online remote working Security Technology

Previous ArticleNexans launches Cat 6A field terminable plug for MPTL LinksNext ArticleWATCH: Dell EMC on delivering unparalleled expertise to customers amid COVID-19

Most Read in Features

Dataiku executive highlights the need to use AI responsibly

2 days agoFebruary 23, 2021

Women in Tech: “Humanity knows no limits” – Injazat

16 hours agoFebruary 24, 2021

Co-Head of TrueProfile.io outlines how company is empowering end-users

16 hours agoFebruary 24, 2021

RECOMMENDED FOR YOU

  • Nutanix and the ‘democratisation’ of investor relations
  • Kaspersky tips on remote working for smaller businesses
  • What does equal access to education mean in the digital age?
  • Palo Alto Networks, 4 Cybersecurity Lessons for 2021

GET TAHAWULTECH.COM IN YOUR INBOX

The free newsletter covering the top industry headlines

CPI Media Group
TahawulTech.com is the definitive platform in the Middle East for IT content. Covering stories across enterprise technology, cybersecurity and the region’s IT channel industry, TahawulTech.com brings business leaders and technology decision makers together to share their stories of transformation.

OTHER LINKS

  • Events
  • Media Pack
  • Resource Centre
  • Subscription

 

  • Advertise
  • Contact Us
  • Privacy Policy

Contact Us

Head Office:
Media City, Building 4, Office G-08
Dubai, United Arab Emirates, PO Box 13700
Tel: +971 4 568 2993
Email: info@tahawultech.com
© 2021 All Rights Reserved. Product of CPI Media Group.
Menu
  • Home
  • Country/Region
    • UAE
    • Saudi Arabia
    • Oman
    • Bahrain
    • Kuwait
    • Africa
    • Middle East
    • Global
  • Industry
    • Education
    • Energy
    • Financial services
    • Government
    • Healthcare
    • Property
    • Retail
    • Technology
    • Transport & Logistics
    • Travel & Hospitality
  • Company
    • Enterprise
    • Corporate
    • SME
    • Startup
    • Vendor
    • Channel
  • Trending
    • Digital Transformation
    • Internet of Things
    • Big Data
    • Blockchain
    • Smart City
    • Cloud Computing
    • Artificial Intelligence
    • Data Centre
    • Machine Learning
    • Virtual Reality
    • Robotics
    • Systems Integrator
    • E-commerce
    • 3D Printing
    • Self-driving Cars
    • Drones
    • Automation
    • Smartphones
    • Wearables
    • Virtualisation
    • Fintech
    • Storage
    • Mobile Payment
    • Startups
    • Applications
    • Security
  • News
    • All News
    • Software
    • Hardware
    • Networking
    • Security
    • Channel
    • Telecoms
    • Video
  • Features
    • Features
    • CIO Spotlight
    • Case Studies
    • Partner Watch
    • Vendor focus
    • Analysis
    • Video
    • Lifestyle
    • Insight
    • Opinion
    • Blogs
  • News
  • Magazines
    • CNME
    • Reseller ME
    • Security Advisor ME
    • 60 Minutes
    • Supplements
  • Events
    • Awards
    • Conferences
  • GITEX
  • More
    • About Us
    • Contact Us
    • Advertise
    • Privacy Policy
    • Media Pack
    • Subscriptions
    • Resource Centre
    • CPI Media Group
  • Gartner
  • Huawei
tahawultech.com Intro